Cyber Security Risk Manager (m/f/d)

BASF

  • Madrid
  • Permanente
  • Tiempo completo
  • Hace 24 días
ABOUT USAt BASF Digital Hub Madrid we develop innovative digital solutions for BASF, create new exciting customer experiences and business growth, and drive efficiencies in processes, helping to strengthen BASF´s position as the digital leader in the chemical industry. We believe the right path is through creativity, trial and error and great people working and learning together. Become part of our team and develop the future with us - in a global team that embraces diversity and equal opportunities.WHAT YOU CAN EXPECTWe are seeking an experienced Cyber Security Risk Manager to join our CISO organization. As part of the Cyber Security Risk Management team, you will contribute to the development, implementation, and maintenance of our cyber security risk management framework.You will be a part of our Cyber Governance, Risk and Compliance (GRC) Product Family, which is the pilar of the second Line of Defense (2LoD) and manages the Cyber Security Framework for the whole BASF Group, following a risk-based approach. One major part of that is to develop and implement risk management tools, policies, and procedures in line with ISO 27001 and other relevant standards. Your core responsibilities will be:
  • Provide support to Asset Owners and Risk Owners to facilitate the operationalization of Cyber Risk Management -related processes.
  • Foster collaboration with our global Risk Community, by actively gathering their feedback, while effectively communicating updates and enhancements to ensure alignment and engagement.
  • Provide awareness materials and moderate training sessions on Cyber Security Risk Management to promote continuous learning and compliance towards BASF Business Units.
  • Derive new processes or pilots to strengthen GRC in response to the evolving threat landscape.
  • Conduct research on new threats by leveraging different sources such as Google Threat Intelligence or Dragos
  • Execute strategic risk assessments on-demand to identify and evaluate emerging risks that could negatively affect or harm BASF
  • Maintain and improve the toolset that our team provides (RSA Archer, Power BI, Knowledge Base within SharePoint)
  • Aggregate operational risks and translate asset-specific risks to generic risk scenarios on enterprise level to support senior management reporting and strategic as well as tactical decision-making.
  • Support the lifecycle update of group-wide cyber security governance regulations based on generic BASF risk landscape.
  • Work closely with cross-functional teams to support compliance of risk management processes with ISMS according to ISO 27001 and other relevant regulations.
  • Collaborate with Asset Owners and Risk Owners to maintain a risk register and associated risk treatment plans up to date
  • Monitor and report on the effectiveness of risk management controls and support the reporting of significant risks to senior management
REQUIREMENTS OF THE POSITION
  • University degree in computer science, Information Technology, or a related field
  • Experience with developing, implementing, and maintaining an ISMS based on ISO 27001 or other relevant standards
  • Profound experience in cyber security, particularly in GRC and cyber security risk management
  • Strong understanding of risk management principles, frameworks and practices, especially in the field of risk aggregation as well as definition and evaluation of generic risks on enterprise level
  • Experience with risk assessments, cyber threats and vulnerabilities
  • Knowledge of relevant laws and regulations related to cyber security
  • Excellent communication and interpersonal skills, with the ability to work effectively with internal team members and cross-functional teams Internal
  • Relevant certifications such as CISSP, CISM, CRISC are a plus
WHAT WE OFFER
  • A secure work environment because your health, safety and wellbeing is always our top priority.
  • Flexible work schedule and Home-office options, so that you can balance your working life and private life.
  • Learning and development opportunities
  • 23 holiday days per year
  • 5 additional days (readjustment)
  • 2 cultural days
  • A collaborative, trustful and innovative work environment
  • Being part of an international team and work in global projects
  • Relocation assistance to Madrid provided
HOW TO REACH USIf you're interested in the position or know someone who might be and need support on how to take next steps, please send an email to felipe.bianco@partners.basf.comA unique total offer: you@BASFAt BASF you get more than just compensation. Our total offer includes a wide range of elements you need to be your best in every stage of your life. That's what we call you@BASF. Click here to learn more.A unique total offer: you@BASFAt BASF you get more than just compensation. Our total offer includes a wide range of elements you need to be your best in every stage of your life. That's what we call you@BASF. Click here to learn more.Discover the world of BASF and develop data solutions for the Chemistry 4.0 era – for a sustainable future. Help drive the digital transformation of the chemical industry by harnessing the potential of the latest data science technologies and data sources.About BASFFind out what BASF has to offer as an employer and why you should join our team.Your applicationHere you find anything you need to know about your application and the application process.Contact usYou have questions about your application or on how to apply in Europe? The BASF Talent Acquisition Europe team is glad to assist you.Please note that we do not return paper applications including folders. Please submit copies only and no original documents.Madrid, ESBASF Digital Solutions S.L.DigitalizationPermanent125168ATS_WCMS_WEBFORM

BASF